From c5cbe1d0dde4dddaa4a4208917b975af7655882c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 21 Jan 2026 14:43:23 +0000
Subject: [PATCH] Bump bandit from 1.9.2 to 1.9.3 (#3208)

* Bump bandit from 1.9.2 to 1.9.3

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.9.2 to 1.9.3.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.9.2...1.9.3)

---
updated-dependencies:
- dependency-name: bandit
  dependency-version: 1.9.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fixed issue

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alex Janousek <alex.janousek@gsa.gov>
---
 app/cloudfoundry_config.py | 2 +-
 poetry.lock                | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/cloudfoundry_config.py b/app/cloudfoundry_config.py
index 79eb75b5d..9ab433ea5 100644
--- a/app/cloudfoundry_config.py
+++ b/app/cloudfoundry_config.py
@@ -10,7 +10,7 @@ class CloudfoundryConfig:
         self._empty_bucket_credentials = {
             "bucket": "",
             "access_key_id": "",
-            "secret_access_key": "",
+            "secret_access_key": "",  # nosec B105 - empty default, not a real password
             "region": "",
         }
 
diff --git a/poetry.lock b/poetry.lock
index 1d2a87ea3..cb6a45b21 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -97,14 +97,14 @@ files = [
 
 [[package]]
 name = "bandit"
-version = "1.9.2"
+version = "1.9.3"
 description = "Security oriented static analyser for python code."
 optional = false
 python-versions = ">=3.10"
 groups = ["dev"]
 files = [
-    {file = "bandit-1.9.2-py3-none-any.whl", hash = "sha256:bda8d68610fc33a6e10b7a8f1d61d92c8f6c004051d5e946406be1fb1b16a868"},
-    {file = "bandit-1.9.2.tar.gz", hash = "sha256:32410415cd93bf9c8b91972159d5cf1e7f063a9146d70345641cd3877de348ce"},
+    {file = "bandit-1.9.3-py3-none-any.whl", hash = "sha256:4745917c88d2246def79748bde5e08b9d5e9b92f877863d43fab70cd8814ce6a"},
+    {file = "bandit-1.9.3.tar.gz", hash = "sha256:ade4b9b7786f89ef6fc7344a52b34558caec5da74cb90373aed01de88472f774"},
 ]
 
 [package.dependencies]